If I tracert to the sites that do work, everything works as expected. Traffic hits my local gateway and goes out to the internet without issue. If I tracert to a site that doesn't work, my LAN gateway (192.168.0.1 LAN int) returns a Destination Host Unreachable error which most tshooting says is a routing problem.

There are no static routes and the default route points to my ISP's gateway on the WAN int. My public IP and my ISP gateway are on the correct net. Outbound firewall permits all traffic. Outbound NAT is set to automatic. I'm not performing any type of URL or IP filtering. The sites are inaccessible from all machines on my local network as well as the pfSense box itself. I don't understand why traffic destined for certain public nets are reachable while other public nets are not.

I've rebooted my computer, switch and pfSense box. Issue persists. If I remove the pfSense box and patch the D-Link back in, everything works fine.

Any assistance the community can provide would be greatly accepted. I've been looking to replace that D-Link box for some time and pfSense is the perfect solution but it's unusable at the moment.

Another update. I did a clean install of 2.0.1 amd64. Exact same issues. I noticed that Wikipedia.org doesn't load either. Oh well. I don't know what else to try. The folks over at Reddit were incredibly helpful but they're out of options as well. Unless there's a way to do a full system dump and provide it to a pfSense core dev, I'm done :( Time to go pick up a Cisco ASA.

Resolved. A user on Reddit said they had this same issue. They had manually configured the WAN port and noticed odd connection issues like this. They suggested restoring defaults and using the Setup Wizard in the GUI. This fixed the issue. I compared the settings from before and after using the Setup Wizard and they're identical. No clue what changed but oh well, issue is resolved.

I've seen that same described issue several times. Every time because of seriously screwing up a subnet mask, like putting a /1 mask on an interface, so the system thinks a gigantic chunk of the Internet should be locally reachable. Obviously that breaks things.

There's no magic in the setup wizard. It's not possible to go through it and end up with the same config at the end and have it magically fix things.
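The mask mistake described in the reply above can be checked offline; the following is an added example, not code from the thread or from pfSense. All addresses are constructed sample values, and the function names and the `min_prefix` threshold are assumptions chosen for illustration.

```python
import ipaddress

def on_link_destinations(iface_cidr, destinations):
    """Return the destinations the host would treat as directly connected
    (resolved with ARP on that interface instead of sent to the gateway)."""
    network = ipaddress.ip_interface(iface_cidr).network
    return [d for d in destinations if ipaddress.ip_address(d) in network]

def audit_interface(name, iface_cidr, gateway, min_prefix=8):
    """Flag the two mask errors that produce 'some sites work, some do not'.
    min_prefix is an assumed heuristic: anything broader is almost
    certainly a typo on a WAN interface."""
    iface = ipaddress.ip_interface(iface_cidr)
    findings = []
    if iface.network.prefixlen < min_prefix:
        findings.append(
            f"{name}: /{iface.network.prefixlen} makes all of "
            f"{iface.network} ({iface.network.num_addresses} addresses) on-link"
        )
    if ipaddress.ip_address(gateway) not in iface.network:
        findings.append(f"{name}: gateway {gateway} is outside {iface.network}")
    return findings

if __name__ == "__main__":
    # Constructed sample: WAN address entered with a /1 instead of a /24.
    wan_bad, wan_good, gw = "203.0.113.10/1", "203.0.113.10/24", "203.0.113.1"
    # Constructed destinations: two in the upper half of IPv4 space, one in the lower.
    sites = ["198.51.100.7", "192.0.2.55", "100.64.0.5"]

    for cidr in (wan_bad, wan_good):
        print(cidr)
        for finding in audit_interface("WAN", cidr, gw):
            print("  WARNING", finding)
        local = on_link_destinations(cidr, sites)
        for site in sites:
            path = "on-link, never reaches the gateway" if site in local else "via default route"
            print(f"  {site:<15} {path}")
```

With the /1 mask, every destination in 128.0.0.0/1 is treated as a local neighbor and fails, while destinations in the other half of the address space still go out through the default route.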